Submitted by: Submitted by lillylullibye
Views: 1769
Words: 1132
Pages: 5
Category: Other Topics
Date Submitted: 03/26/2012 03:26 PM
11-6
a. Briefly describe three strategies for testing internal controls when information technology is used for significant accounting processing.
Before any strategy takes place, an auditor must determine the end result desired from the Information Technology being used as well as the type of technology being dealt with. The most important thing is security thus it is vital to know this technology in and out to be able to determine its strengths and weaknesses. This allows for proper compensation to combat such attacks whether they are fraudulent or accidental in nature. It is necessary to be familiar with different types of proven viable internal control setups to properly test and gage an IT’s internal control system. There are three different strategies use when testing internal controls. First includes assessing the controls using user control information. In this strategy, an auditor would gather computer-generated reports and compare those to all documentation on specific transactions. This process is also known as auditing around the computer because it deals with more hard copy documents. The next strategy entails using application controls to determine the level of risk at low. The last strategy determining the level of risk at high includes testing of general controls and manual user entries.
b. Identify two strategies that might be used to support a low control risk assessment. Discuss the difference between the two strategies.
To determine a low control risk assessment an auditor may use a strategy where two different strategies. One strategy includes either increasing or decreasing the sample size of data being tested. Another strategy would be conducting a test sample on data from one given time and then test a different test sample at another date or time.
c. Discuss a third audit strategy that might be used to assess control risk at a high level. Explain why this strategy will not support a low control risk assessment.
A third...